Little clarification : Only my folderss which are in my pendrive are affected and get converted into .exe . I'm 100% sure my pendrive is clean . Not only mine . All my friends have this issue .
–
vettipayyanMar 16 '11 at 15:28

1

Lab techs also can't do anything ..... They say "we tried , but couldn't get rid of that "
–
vettipayyanMar 16 '11 at 15:29

2

@vettipayyan - all you can hope to do then is protect yourself (with strong virus checking on your computer), protect others (by not using this USB stick anywhere else) and mitigate the issue at university (by ensuring you do not use folders...just keep files in the root of the USB stick) - not an ideal scenario, as the Lab really should do better!
–
Rory Alsop♦Mar 16 '11 at 15:38

thank you . I'll try to report the issue again to department staffs...
–
vettipayyanMar 17 '11 at 12:48

If the lab's machines are infected, there's not really anything you can do to protect yourself. You can't protect the USB pendrive by installing software on it.

You can install antivirus software on your own computer, so that if you plug the USB pendrive into your own computer, your own computer won't be infected by the virus on the pendrive. Good antivirus software will typically scan the entire pendrive when you insert it onto your computer, or when you access files on the pendrive. However, understand that this is a crummy stopgap and not to be recommended, because it does nothing to prevent the files on your pendrive getting infected, and because it is still pretty dangerous to carry around an infected pendrive (you are potentially infecting anyone else's machine who you stick the pendrive into; and anti-virus is not perfect and may miss some viruses). So this is not a good solution.

The right solution is, as others have suggested, to contact the IT department who administers the lab machines and get them to remove the spyware/malware on their machines and install proper antivirus software on the lab machines.

Then no use of it. I always carry the files i created from the lab....
–
vettipayyanMar 15 '11 at 14:14

8

You should raise this issue with the computer services department at the college. It is their responsibility to ensure that the equipment you are provided with is fit for purpose, and if it's riddled with viruses and spyware then they're obviously not doing their job.
–
Matt JenkinsMar 15 '11 at 14:55

1

Obviously , they never do their job . They'll say "why the hell you bring a pendrive to lab " . well , I think i asked for a software ......
–
vettipayyanMar 15 '11 at 17:53

The free Panda USB Vaccine can be used on individual USB drives to disable its AUTORUN.INF file in order to prevent malware infections from spreading automatically. When applied on a USB drive, the vaccine permanently blocks an innocuous AUTORUN.INF file, preventing it from being read, created, deleted or modified. Once applied it effectivelly disables Windows from automatically executing any malicious file that might be stored in that particular USB drive. The drive can otherwise be used normally and files (even malware) copied to/from it, but they will be prevented from opening automatically. Panda USB Vaccine currently only works on FAT & FAT32 USB drives. Also keep in mind that USB drives that have been vaccinated cannot be reversed except with a format.

Reboot the computer(s) from a GENUINE Antivirus Live CD. See herehere and here, for info. Don't download and run them, unless you make sure they are valid/trusted/original/etc. Use common sense. Prepare your OWN from your AV, or contact your AV vendor/reseller. IF you can't get/pay a AV Live cd, do the following. Prepare (clean install) a laptop/pc with the AV,antirootkit, antimalware of your choice and put the "infected" hard drive as an external (with a sata-ide to usb cable) or as a slave harddrive. I would choose the sata/ide to usb cable. Its cheap and fast. Scan again and again.

Update the virus definitions (in memory or usb) and scan the whole system.

Clean any infections.

Scan again, the whole system. DON'T boot to normal OS yet. Check if you have still have infections.

Do the same with any Live CD you have with Antirootkit or Antimalware capabilities. Some really bad malware/rootkits hide in the MBR and survive reboots or even after a "good" clean.

Boot your pc into SAFE MODE (if it's Windows) if you can't boot from a cd and repeat previous steps. Still a safe bet but you might not be able to get rid of some really bad malware/rootkits. A dead system is allways easier to clean.

Reboot to your OS, only if you are pretty sure that u got no more infections. Don't connect to any network (internet or lab) yet

Stop USB infection

Use Panda USB Vaccine. Or see the MS article (5th link). Vaccinate your pc AND all your usb. You will disable your Windows Autorun/Autoplay features. And your usb will get a autorun.inf file (it's blank, a dummy one), and even if you put it on an infected PC, you might get the virus (hidden exe,bat,scr..etc) BUT your usb will not AUTOMATICALLY infect other pcs, unless you run the exe's on purpose. The USB drive will lose the vaccination ONLY if you format it. Remember that.

Make VISIBLE, your hidden files, AND your Protected/system files. Many viruses are marked as system files and get under the AV radar. Apply that to ALL folders.

Use an AV that auto scan ANY usb device, Kaspersky and free Avira do exactly that. Maybe others as well.

DON'T double click on the USB or CD-DVD icons from "My Computer". That way (the default Windows way), the OS see if the CD/DVD/USB has a autorun.inf file, and if they have it, it's executed and after that the contents are displayed. A more safe way is to Press winkey+E (Windows Explorer) and navigate to your drive from the left panel. That way you tell the OS to display just the contents. Even if your drive have an infected autorun.inf, it doesn't autorun.

Getting your files back, after been infected and deleted by your AV
- Use photorec or any other "Undelete" program you want/know/have. You will also recover viruses so be careful.

Additional ideas:

Get a USB with write protection. Cheap solution.

Use a Stand-alone laptop with 3 or more AV as a "Scan-USB machine". Use only one AV as a resident AV and the others as on-demand. Otherwise you might have problems. Connect it to the internet only to update the AV signatures. For nothing else. Anything that you want to put inside you lab will be scanned FIRST from that laptop with 3 AVs. Another cheap solution.

You might want to implement the previous idea to everything you download from the internet. Configure your lab so ANYTHING you download, goes to a temp folder, scanned from 3 AVs, one by one, and if it passes the check, then be available for you to get it. Our admin had it that way. I think it was configured from the ISA Server. I'm not sure.

Search for HBGary Inoculator. From their site: "It's an enterprise appliance designed to detect, remove and prevent Windows® host re-infection of known malware, without waiting for your antivirus vendor to provide a detection signature. With its breakthrough Digital Antibody technology , Inoculator provides a countermeasure against targeted cyber threats, without disruption to your enterprise." Haven't tried it.

thank you for more detailed answer.... I never let my PC vulnerable to USB's . I always run scan and then only use them . While scanning , the infected documents got removed . Those documents were earlier infected by our lab system . Further , the docs that i carried to the lab also infected . So i just want to guard my flash drive . Not my PC. But thanks for ur ideas .
–
vettipayyanMar 18 '11 at 17:34

1

Ok, try this one and tell me if it works. Make a Truecrypt container inside your USB (from a clean pc). Move your docs, inside that container, and zip them (7zip) AND password protect them (7zip AES-256).Each one of them, even with same password. Run them from from usb by first mounting the truecrypt container and then entering the password. Don't unzip them. Run them from the zip. Entering the pass. Make changes if needed. Then unmount the truecrypt container. Tell me if your docs still gets infected.
–
labmiceMar 18 '11 at 20:06

ya , thank you and i'll check that out . I'll post after the lab in monday :)
–
vettipayyanMar 19 '11 at 11:53

The sum and substance is using a different, secure computer without any autorun facility, create and lock an autorun.inf file in the root of the USB stick. If there is one there, examine it for malware clues and get rid of it.

I like using a Mac for this because they read and write FAT and ExFAT natively (which are common on USB drives), Mac formats (of course) and also NTFS if enabled through third party software. They also do not autorun and are immune to PC viruses. Macs also show all partitions, even hidden ones, on the desktop regardless if every partition is a different format, or empty. Macs are also pretty common.

This is more or less a link only answer. Please add a short description of what the page you're linking to suggests as a possible solution to OP's question. Link rot has to be considered also, and adding a description might help future reader in finding intended page, if the link becomes dead at a later date. Thanks!
–
TildalWaveJun 4 '13 at 16:58